Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5f69da-4f26-47df-a9a9-6bee97ffd968/1/gdcvfVC1A0J6Y5wEeM7ajL8ZWqY.roa
File: gdcvfVC1A0J6Y5wEeM7ajL8ZWqY.roa (raw, json)
Hash identifier: rwSDtV5+UFY1OMbVLd3/BKZgMtuvDFJGLNREvrJIiYk=
Subject key identifier: 81:D7:2F:7D:50:B5:03:42:7A:63:9C:04:78:CE:DA:8C:BF:19:5A:A6
Certificate issuer: /CN=14d01cae1ddfd4d437e7b7feea5ea46e30405090
Certificate serial: 01942143E681DBD56B01B262755E262EBF73
Authority key identifier: 14:D0:1C:AE:1D:DF:D4:D4:37:E7:B7:FE:EA:5E:A4:6E:30:40:50:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FNAcrh3f1NQ357f-6l6kbjBAUJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5f69da-4f26-47df-a9a9-6bee97ffd968/1/gdcvfVC1A0J6Y5wEeM7ajL8ZWqY.roa
Signing time: Wed 01 Jan 2025 09:48:05 +0000
ROA not before: Wed 01 Jan 2025 09:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198193
IP address blocks: 176.101.16.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e6:81:db:d5:6b:01:b2:62:75:5e:26:2e:bf:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14d01cae1ddfd4d437e7b7feea5ea46e30405090
Validity
Not Before: Jan 1 09:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81d72f7d50b503427a639c0478ceda8cbf195aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1b:5a:d7:b5:c6:27:16:5a:6b:f9:bf:75:b8:
21:e4:af:10:26:31:9b:da:05:77:71:37:a4:1f:3d:
64:94:27:ae:31:b6:0a:fa:79:28:17:75:ec:2b:64:
22:9a:73:24:0a:e5:85:fc:61:c7:f4:5d:8b:76:0f:
46:34:dc:44:4b:60:ca:95:5e:c5:2a:1a:40:6d:d0:
30:fa:a0:5b:58:c2:0b:fb:b1:70:ab:e8:6b:f9:25:
84:de:94:82:a4:a7:e6:12:b6:39:78:46:b0:6f:e7:
1b:e1:09:04:aa:00:14:05:e3:93:8a:ac:66:83:5d:
ed:5c:5c:54:e0:fd:1b:e6:2c:32:9f:ae:df:a3:2a:
cd:87:5a:c5:e4:e8:ef:e8:74:21:fc:72:8e:5e:01:
c0:15:59:6c:98:28:01:38:5a:65:b8:00:23:97:a9:
b6:74:61:4f:ef:77:b2:ba:21:41:b9:28:0e:88:db:
c1:8f:bb:0a:c1:6e:94:08:68:3a:a7:2d:01:bc:5e:
c2:8f:08:5f:ad:c5:0d:c6:5f:62:49:af:16:aa:7a:
a1:5d:21:de:5c:fd:12:23:f0:fe:ba:06:b7:d2:61:
47:c3:47:f0:51:d5:ce:ee:b3:cc:7e:51:ee:4b:a3:
42:b3:8f:dd:24:6a:01:df:68:d6:62:9d:f9:97:f1:
70:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D7:2F:7D:50:B5:03:42:7A:63:9C:04:78:CE:DA:8C:BF:19:5A:A6
X509v3 Authority Key Identifier:
keyid:14:D0:1C:AE:1D:DF:D4:D4:37:E7:B7:FE:EA:5E:A4:6E:30:40:50:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNAcrh3f1NQ357f-6l6kbjBAUJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5f69da-4f26-47df-a9a9-6bee97ffd968/1/gdcvfVC1A0J6Y5wEeM7ajL8ZWqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5f69da-4f26-47df-a9a9-6bee97ffd968/1/FNAcrh3f1NQ357f-6l6kbjBAUJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.16.0/20
Signature Algorithm: sha256WithRSAEncryption
66:67:d3:5e:1d:00:7d:ba:ad:95:a3:f1:12:71:26:ff:d6:8f:
33:20:25:83:62:6b:ab:68:eb:53:43:61:61:db:ce:53:2d:c9:
73:02:3d:ed:38:14:b0:82:8e:1c:7b:f0:27:f4:4b:4d:a2:93:
8b:fc:eb:bc:fc:25:4b:5a:09:f8:3b:c7:56:07:40:37:d9:bc:
f1:2b:90:99:2f:b1:43:bc:cd:ef:a6:0c:1b:2b:e4:85:fe:17:
4a:cf:9d:de:ff:d8:fa:8a:05:53:69:1c:32:d2:08:dd:42:5a:
67:46:be:3a:a8:d0:91:9a:77:e1:f4:9d:34:a2:5a:c8:ea:b4:
50:0f:4c:0d:5c:08:13:dd:23:cf:23:72:fc:88:b9:c7:a6:dd:
d6:09:b2:e1:be:7f:76:dd:53:7a:52:ce:42:f3:11:03:8f:6a:
83:f0:7d:38:8c:92:46:12:d1:9c:37:ca:60:bb:f1:95:ae:e3:
88:c6:77:cc:30:4f:ae:81:a1:52:aa:b5:3e:cc:e8:d3:8c:b1:
6a:4e:05:4e:50:7a:44:4b:0c:2e:69:ff:a2:54:5a:bf:db:c3:
f0:c0:64:92:66:96:96:1f:e1:93:04:8b:36:b8:97:87:56:21:
4a:be:83:12:d5:25:d7:8d:fc:4f:d0:04:5b:ec:21:ff:7f:2c:
16:98:d3:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+aB29VrAbJidV4mLr9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZDAxY2FlMWRkZmQ0ZDQzN2U3YjdmZWVhNWVhNDZlMzA0
MDUwOTAwHhcNMjUwMTAxMDk0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQ3MmY3ZDUwYjUwMzQyN2E2MzljMDQ3OGNlZGE4Y2JmMTk1YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxta17XGJxZaa/m/dbgh5K8QJjGb
2gV3cTekHz1klCeuMbYK+nkoF3XsK2QimnMkCuWF/GHH9F2Ldg9GNNxES2DKlV7F
KhpAbdAw+qBbWMIL+7Fwq+hr+SWE3pSCpKfmErY5eEawb+cb4QkEqgAUBeOTiqxm
g13tXFxU4P0b5iwyn67foyrNh1rF5Ojv6HQh/HKOXgHAFVlsmCgBOFpluAAjl6m2
dGFP73eyuiFBuSgOiNvBj7sKwW6UCGg6py0BvF7CjwhfrcUNxl9iSa8WqnqhXSHe
XP0SI/D+uga30mFHw0fwUdXO7rPMflHuS6NCs4/dJGoB32jWYp35l/Fw2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHXL31QtQNCemOcBHjO2oy/GVqmMB8GA1UdIwQY
MBaAFBTQHK4d39TUN+e3/upepG4wQFCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk5BY3JoM2YxTlEzNTdmLTZsNmtiakJBVUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81ZjY5ZGEtNGYyNi00N2RmLWE5YTkt
NmJlZTk3ZmZkOTY4LzEvZ2RjdmZWQzFBMEo2WTV3RWVNN2FqTDhaV3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81ZjY5ZGEtNGYyNi00N2RmLWE5YTktNmJlZTk3ZmZkOTY4
LzEvRk5BY3JoM2YxTlEzNTdmLTZsNmtiakJBVUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsGUQMA0G
CSqGSIb3DQEBCwUAA4IBAQBmZ9NeHQB9uq2Vo/EScSb/1o8zICWDYmuraOtTQ2Fh
285TLclzAj3tOBSwgo4ce/An9EtNopOL/Ou8/CVLWgn4O8dWB0A32bzxK5CZL7FD
vM3vpgwbK+SF/hdKz53e/9j6igVTaRwy0gjdQlpnRr46qNCRmnfh9J00olrI6rRQ
D0wNXAgT3SPPI3L8iLnHpt3WCbLhvn923VN6Us5C8xEDj2qD8H04jJJGEtGcN8pg
u/GVruOIxnfMME+ugaFSqrU+zOjTjLFqTgVOUHpESwwuaf+iVFq/28PwwGSSZpaW
H+GTBIs2uJeHViFKvoMS1SXXjfxP0ARb7CH/fywWmNMt
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:29 2025 by rpki-client